“Worm.Bagz.h”的意思、由来-中文百科全书

病毒别名：Email-Worm.Win32.Bagz.h [AVP]

处理时间：

威胁级别：★★

中文名称：袋子变种H

病毒类型：蠕虫

影响系统：Win9x / WinNT

病毒行为:

1)将病毒拷贝到%System%\\hicom.exe，并将其进程注册为系统服务Working Network Connections。

HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\TY164

"Type"=0x20

"Start"=0x2

"ErrorControl"=0x0

"ImagePath"="%System%\\hicom.exe"

"DisplayName"="Working Network Connections"

HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\TY164\\Security

"Security"=01 00 14 80 A0 00 00 00 ...

"ObjectName"="LocalSystem"

"Description"="Manages this out config test"

HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\ENUM\\ROOT\\LEGACY_TY164

"NextInstance"=0x1

HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\ENUM\\ROOT\\LEGACY_TY164\\0000\\Control

"*NewlyCreated*"=0x0

HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\ENUM\\ROOT\\LEGACY_TY164\\0000

"Service"="TY164"

"Legacy"=0x1

"ConfigFlags"=0x0

"Class"="LegacyDriver"

"ClassGUID"=""

"DeviceDesc"="Working Network Connections"

HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\SERVICES\\TY164\\Enum

"0"="Root\\LEGACY_TY164\\0000"

"Count"=0x1

"NextInstance"=0x1

HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\ServiceCurrent

(Default)=0x8

HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Enum\\Root\\LEGACY_TY164\\0000\\Control

ActiveService="TY164"

2)尝试连接到预定的站点

3)开启一个隐蔽的代理，并通过染毒机器发送邮件

邮件发送人：

姓：

Alexander

Alpert

Albert

Horowitz

Hollaender

Hohenemser

Hoch

Hirsch

Himmelfarb

Hillel

Herzog

Hersch

Herzberg

Herman

Hellman

Heller

Heck

Hecht

Handler

Halpern

Halperin

Gysi

Gunzberg

Gr1nberg

Gruber

Grossman

Greenberg

Gralnick

Gould

Gottlieb

Goldwyn

Goldenson

Goldberg

Glucksman

Glickman

Glazer

Gershwin

Gersh

Gelbman

Geffen

Friedman

Fried

Freud

Frankel

Fleisher

Fleischer

Fishbein

Fisch

Fish

Finkelstein

Finkbein

Finkel

Fink

Feldman

Feinberg

Feidelberg

Farber

Emmanuel

Ellison

Ellis

Adorno

Adler

Abrahams

名：

Kelly

Ingrid

Helen

Giselle

Fran

Erica

Ellen

Yvonne

Winnie

Wilma

Wendy

Vivian

Vicki

Ursula

Tori

Terri

Samantha

Sarah

Randi

Roxanne

Patty

Paula

Nicole

Norah

Melanie

Maureen

Lindsey

Linda

Laura

Kelly

Kate

Katherine

Jennifer

Julia

Ingrid

Helen

Diane

Debbie

Carolyn

Cathy

Barbara

Brenda

Anne

Allison

Amanda

Sally

Gina

Martha

Lynda

发送邮箱：

admin@rambler.ru

admin@yandex.ru

admin@gmail.com

admin@hotmail.com

admin@mail.ru

词条	Worm.Bagz.h
释义	Worm.Bagz.h是一个向外发送电子邮件的蠕虫病毒。该病毒会将自己注册系统服务，并开启一个隐蔽的代理，通过本地机器发送邮件。邮件的发送者是伪造的，邮件的附件是一个html文件，每封邮件的附件名可能是不同的。病毒别名：Email-Worm.Win32.Bagz.h [AVP] 处理时间：威胁级别：★★ 中文名称：袋子变种H 病毒类型：蠕虫影响系统：Win9x / WinNT 病毒行为: 1)将病毒拷贝到%System%\\hicom.exe，并将其进程注册为系统服务Working Network Connections。 HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\TY164 "Type"=0x20 "Start"=0x2 "ErrorControl"=0x0 "ImagePath"="%System%\\hicom.exe" "DisplayName"="Working Network Connections" HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\TY164\\Security "Security"=01 00 14 80 A0 00 00 00 ... "ObjectName"="LocalSystem" "Description"="Manages this out config test" HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\ENUM\\ROOT\\LEGACY_TY164 "NextInstance"=0x1 HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\ENUM\\ROOT\\LEGACY_TY164\\0000\\Control "NewlyCreated"=0x0 HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\ENUM\\ROOT\\LEGACY_TY164\\0000 "Service"="TY164" "Legacy"=0x1 "ConfigFlags"=0x0 "Class"="LegacyDriver" "ClassGUID"="" "DeviceDesc"="Working Network Connections" HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\SERVICES\\TY164\\Enum "0"="Root\\LEGACY_TY164\\0000" "Count"=0x1 "NextInstance"=0x1 HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\ServiceCurrent (Default)=0x8 HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Enum\\Root\\LEGACY_TY164\\0000\\Control ActiveService="TY164" 2)尝试连接到预定的站点 3)开启一个隐蔽的代理，并通过染毒机器发送邮件邮件发送人：姓： Alexander Alpert Albert Horowitz Hollaender Hohenemser Hoch Hirsch Himmelfarb Hillel Herzog Hersch Herzberg Herman Hellman Heller Heck Hecht Handler Halpern Halperin Gysi Gunzberg Gr1nberg Gruber Grossman Greenberg Gralnick Gould Gottlieb Goldwyn Goldenson Goldberg Glucksman Glickman Glazer Gershwin Gersh Gelbman Geffen Friedman Fried Freud Frankel Fleisher Fleischer Fishbein Fisch Fish Finkelstein Finkbein Finkel Fink Feldman Feinberg Feidelberg Farber Emmanuel Ellison Ellis Adorno Adler Abrahams 名： Kelly Ingrid Helen Giselle Fran Erica Ellen Yvonne Winnie Wilma Wendy Vivian Vicki Ursula Tori Terri Samantha Sarah Randi Roxanne Patty Paula Nicole Norah Melanie Maureen Lindsey Linda Laura Kelly Kate Katherine Jennifer Julia Ingrid Helen Diane Debbie Carolyn Cathy Barbara Brenda Anne Allison Amanda Sally Gina Martha Lynda 发送邮箱： admin@rambler.ru admin@yandex.ru admin@gmail.com admin@hotmail.com admin@mail.ru
随便看	陶埏陶埙陶芊芊陶菁陶葆楷陶葆廉陶奕君陶岘陶岑婕陶岱陶嵘陶徵士诔陶庵记陶庵留碧碑陶庵梦忆陶庵梦忆序陶怡陶洙陶淇陶溥陶澍陶澍实验高级中学陶弼陶妍陶妍妏